Security Vulnerabilities

"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards."
— Gene Spafford

© 2020 Philip Koopman

Anti-Patterns for Vulnerabilities
- Ignoring vulnerabilities until attacked
- Assuming vulnerabilities won't be exploited:
  - Unsecure embedded networks
  - Reverse engineering of devices
  - Hidden functionality
- Assuming passwords will be secure

- Vulnerability: a point in the system susceptible to attack
  - Includes HW, SW, network, people, infrastructure, organization
  - Exploit: a method of converting a vulnerability to a security breach
  - Attack: someone uses an exploit to breach system security

DON'T BREW THAT CUPPA! Your kettle could be a SPAM BOT
https://goo.gl/zxGH4S

Russian report says Chinese appliances hide Wifi slurping spam-spreaders
29 Oct 2013 at 07:03, Simon Sharwood

Russian authorities have claimed that household appliances imported from China contain tiny computers that seek out open WiFi networks and then get to work sending spam and distributing malware.

St Petersburg news outlet Rosbalt reported last week that local authorities had examined kettles and irons and found "20 to 30 pieces of Chinese home appliance 'spy' microchips" that "sends some data to the foreign server".

A bit of digging suggests it is legitimate. One source the story mentions, Gleb Pavlov of customs broker Panimport, can be found at the link we've popped in on the company's name. We've also been able to find this link to an appliances company called "Sable Ltd", the very name translation engines say is the employer of one Innokenty Fedorov, whose company found the bugged appliances.

Weak or Master Passwords
- Weak passwords are bad
  - 1234, 777 (US), 888888 (China)
  - password, iloveyou, qwerty
- Factory master passwords are worse!
  - Once one user knows, everyone will know
- Don't use the same key in all systems
  - KeeLoq car remote broken due to using same manufacturer key in all units
- Use long enough crypto keys
  - https://www.keylength.com/en/5/
  - Every year safe key size gets a little longer
  - E.g.: 256 bit symmetric key, 3072 bit public key

[Pie chart (labels partly illegible): Engineering, Computer, Other]
[Chart: PASSWORD STRENGTH BY USER TYPE (UP IS BAD!); x-axis: guess number; https://goo.gl/ozKDt1]
Password usability matters

Top 200 most common passwords of the year 2020 (NordPass)
https://nordpass.com/most-common-passwords-list/

Here are the worst 200 passwords of 2020. The list details how many times a password has been exposed, used, and how much time it would take to crack it. We also compare the worst passwords of 2019 and 2020, highlighting how their positions have changed. The green arrows indicate a rise in the position while the red ones - a fall off. Check if your password is on the list and strengthen it if it is.

Position   Password      Number of users   Time to crack it     Times exposed
1          123456        2,543,285         Less than a second   23,597,311
2          123456789     961,435           Less than a second   7,870,694
3 (new)    picture1      371,612           3 Hours              11,190
4          password      560,467           Less than a second   67/5955 (illegible)
5          12345678      322,187           Less than a second   2,944,615
6          111111        230,507           Less than a second   3,124,368
7          123123        189,327           Less than a second   2,238,694
8          12345         188,268           Less than a second   2,389,787
9          1234567890    171,724           Less than a second   2,264,884
10 (new)   senha         167,728           10 Seconds           8,213
11         1234567       165,909           Less than a second   2,516,606

Worst passwords of 2016 (SplashData). The 2016 list is based on over 5 million passwords posted or for sale on the Internet.

Rank   Password     Change from 2015
1      123456       Unchanged
2      password     Unchanged
3      12345        Up 2
4      12345678     Down 1
5      football     Up 2
6      qwerty       Down 2
7      1234567890   Up 5
8      1234567      Up 1
9      princess     Up 12
10     1234         Down 2
11     login        Up 9
12     welcome      Down 1
13     solo         Up 10
14     abc123       Down 1
15     (illegible)
16     (illegible)
17     flower       New
18     passw0rd     Up 6
19     dragon       Down 3
20     sunshine     New
21     master       Down 4
22     hottie       New
23     loveme       New
24     zaq1zaq1     New
25     password1    New

Notes on the SplashData list:
- "123456" and "password" remain #1 and #2 for the third straight year
- Almost 4% of people use the worst password, 123456
- Just over 10% of people use one of the 25 worst passwords
- "Hottie", "loveme" and "flower" make their first appearances on the SplashData list
- "Princess" and "solo" keep the Force from Star Wars going for another year
- Three variations of "password" on the list: "password", "passw0rd", and "password1"
- "We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns they will put you in just as much risk of having your identity stolen by hackers." Morgan Slain, CEO of SplashData






Avoid Default Passwords

Brian Krebs' Blog Hit by 665 Gbps DDoS Attack
https://goo.gl/2aXD4s
By Eduard Kovacs on September 21, 2016

Investigative cybercrime journalist Brian Krebs reported on Tuesday that his website, KrebsOnSecurity.com, was hit by a massive distributed denial-of-service (DDoS) attack that could be the largest in history.

According to Krebs, his site was targeted with various types of DDoS attacks, including SYN and HTTP floods. The attack peaked at 665 Gbps and 143 Mpps (million packets per second), but it was successfully mitigated by Akamai, the company that provides DDoS protection services for KrebsOnSecurity.

These 60 dumb passwords can hijack over 500,000 IoT devices into the Mirai botnet
Always change your device's default password. https://goo.gl/n82V4u
Graham Cluley | October 10, 2016 2:43 pm | Filed under: Botnet, Denial of Service, Malware

Username        Password
666666          666666
888888          888888
admin           (none)
admin           1111
admin           1111111
admin           1234
admin           12345
admin           123456
admin           admin1234
admin           meinsm
admin           pass
admin           password
admin           smcadmin
admin1          password
administrator   1234
Administrator   admin
guest           12345
guest           guest
mother          f***er
root            (none)
root            0
root            1111
root            1234
root            12345
root            123456
root            54321
root            666666
root            7ujMko0admin
root            7ujMko0vizxv
root            888888
root            admin
root            anko
root            default
root            dreambox
root            hi3518
root            ikwb
root            juantech
root            jvbzd
root            klv123
root            klv1234
root            pass
root            password
root            realtek
root            root
root            system
root            user
root            vizxv
root            xc3511
root            xmhdipc
root            zlxx.
root            Zte521
service         service
supervisor      supervisor
support         support
tech            tech
ubnt            ubnt
user            user


Mistakes Using Cryptography
- Attackers go after implementation mistakes
- Usually you don't have to break the cryptography
- Typical mistakes
  - Sending initial passwords or secrets without encrypting
  - Using known flawed protocols (e.g., flawed secret key exchange, flawed software)
  - Implementing your own crypto from books
  - Permitting weak passwords
  - Not applying security patches

Crypto weakness in smart LED lightbulbs exposes Wi-Fi passwords
https://goo.gl/v4xgKu
More evidence the Internet of things treats security as an afterthought
by Dan Goodin - Jul 7, 2014 3:20pm EDT

[Diagram (Context): WiFi to 6LoWPAN mesh network]

In the latest cautionary tale involving the so-called Internet of things, white-hat hackers have devised an attack against network-connected lightbulbs that exposes Wi-Fi passwords to anyone in proximity to one of the LED devices.

The attack works against LIFX smart lightbulbs, which can be turned on and off and adjusted using iOS- and Android-based devices. Ars Senior Reviews Editor Lee Hutchinson gave a good overview here of the Philips Hue lights, which are programmable, controllable LED-powered bulbs that compete with LIFX. The bulbs are part of a growing trend in which manufacturers add computing and networking capabilities to appliances so people can manipulate them remotely using smartphones, computers, and other network-connected devices. A 2012 Kickstarter campaign raised more than $1.3 million for LIFX, more than 13 times the original goal of $100,000.

According to a blog post published over the weekend, LIFX has updated the firmware used to control the bulbs after researchers discovered a weakness that allowed hackers within about 30 meters to obtain the passwords used to secure the connected Wi-Fi network. The credentials are passed from one networked bulb to another over a mesh network powered by 6LoWPAN, a wireless specification

Embedded Network Attacks
- "Proprietary protocol" does not provide much protection
  - Automotive CAN with proprietary messaging

[Figure 1. Example bench setup within our lab. The Electronic Brake Control Module (ECBM) is hooked up to a power supply, a CAN-to-USB converter, and an oscilloscope.]
[Figure 2. Example experimental setup. The laptop is running our custom CARSHARK CAN network analyzer and attack tool. The laptop is connected to the car's OBD-II port (CANCapture ECOM cable).]
[Figure 3. To test ECU behavior in a controlled environment, we immobilized the car on jack stands while mounting attacks.]
[Figure 4. Screenshot of the CARSHARK interface. CARSHARK is being used to sniff the CAN bus. Values that have been recently updated are in yellow. The left panel lists all recognized nodes on high and low speed subnets of the CAN bus and has some action buttons. The demo panel on the right provides some proof-of-concept demos.]
Source: http://www.autosec.org/pubs/cars-oakland2010.pdf

Row Hammer: (CMU, 2014)

[Figure: Rapid row activations (yellow rows) may change the values of bits stored in victim row (purple row). https://en.wikipedia.org/wiki/Row_hammer]

[xkcd #1938: the Meltdown and Spectre exploits explained as "phantom trolleys" from speculative execution, with Rowhammer's bit flips from rapidly toggling memory rows as the hammer; punchline: we suck at computers, especially shared ones, so install updates. https://xkcd.com/1938/]

Physical Access to System
- How easy is it for someone to steal your design?
  - Hardware design
  - Software design
- Chip peels are no big deal
  - Can recover hardware schematics from silicon
  - Can recover software from memory
  - "Tamper resistant" is a good way to slow down attacks — but does not stop them
http://www.scienceprog.com/safety-protection-guides-and-fact-about-microcontroller-you-should-know/

Hidden Functionality
- Assume that any "secret" functionality will be revealed
  - Factory test modes
  - Factory service modes
  - "Easter eggs"
- This includes:
  - Service technician master password
  - Ability to reset system
  - Default administrative accounts
- Potential better approach:
  - "Factory test" jumper on internal board
  - Factory test mode warning on screen
https://goo.gl/Ty9avJ

Counterfeit Systems
- How do you know components are legitimate?
  - Often chips/boards fail to meet specifications, but are superficially the same function
    - Rejects that failed non-functional testing
    - Salvaged used components
    - "Clone" hardware without safety mechanisms
  - What if fake shows up in a critical application?
  - US Customs seizes ~1-2 million fake ICs per year
[Figure: Exhibit 1, counterfeit chip beside an authentic one; http://www.eetimes.com/electronics-news/4229964/Chip-counterfeiting-case-exposes-defense-supply-chain-flaw?pageNumber=3]
- What if someone wants to clone your whole product?
  - "Tamper-proofing" may help, but not if attack is lucrative
  - Clones might be built in part by scavenging authentic components
  - Will need to have some way to authenticate and track serial numbers

Cloud Connected Devices
- Embedded meets Internet Security
  - Need good practices for IT security
  - Need good practices for embedded
  - IT penetration can cause safety issues via embedded device(!)
- Questions to ask in design
  - How does Cloud know it is a legitimate device?
    - Deploy each device with a unique public key signed by factory
  - How does user securely connect smart phone to device?
    - Print unique WPA (etc.) key on sticker inside unit
  - What if user forgets password?
    - Provide "factory reset" ability, NOT a shared master factory password
  - How will you do secure update? Factory key revocation?

[Image: "fridge spambot" cartoon, http://vint.sogeti.com/internet-things-world-fridge-spambot/ (This is a caricature, not a real attack)]

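How the first design question above can be answered with a factory-signed per-device key, as an added example (not the lecture's or any vendor's code): the factory gives each unit its own Ed25519 key pair and signs the serial/public-key pair, and the cloud checks that factory signature, a revocation list, and a signature over a fresh nonce before enrolling the unit. The serial numbers and the "Serial|PubKey" signed layout are assumptions made for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// DeviceCert is what the factory burns into each unit: the unit's own public
// key plus a factory signature binding that key to the unit's serial number.
type DeviceCert struct {
	Serial  string
	PubKey  ed25519.PublicKey
	FactSig []byte // factory signature over "Serial|PubKey" (assumed layout)
}

func certBytes(serial string, pub ed25519.PublicKey) []byte {
	return append([]byte(serial+"|"), pub...)
}

// Provision runs at the factory: a fresh key pair for this unit only (never
// shared across units) and a certificate signed with the factory private key.
func Provision(factoryPriv ed25519.PrivateKey, serial string) (DeviceCert, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	sig := ed25519.Sign(factoryPriv, certBytes(serial, pub))
	return DeviceCert{Serial: serial, PubKey: pub, FactSig: sig}, priv
}

// Enroll is the cloud side: accept a unit only if its serial is not revoked,
// the factory vouched for its public key, and it proves possession of the
// matching private key by signing a fresh nonce (a copied cert is not enough).
func Enroll(factoryPub ed25519.PublicKey, revoked map[string]bool, cert DeviceCert,
	sign func(nonce []byte) []byte) bool {
	if revoked[cert.Serial] || len(cert.PubKey) != ed25519.PublicKeySize {
		return false
	}
	if !ed25519.Verify(factoryPub, certBytes(cert.Serial, cert.PubKey), cert.FactSig) {
		return false // clone with its own key, or a tampered certificate
	}
	nonce := make([]byte, 32)
	rand.Read(nonce)
	return ed25519.Verify(cert.PubKey, nonce, sign(nonce))
}

func main() {
	factoryPub, factoryPriv, _ := ed25519.GenerateKey(rand.Reader)
	cert, devPriv := Provision(factoryPriv, "SN-000123") // constructed serial
	signer := func(n []byte) []byte { return ed25519.Sign(devPriv, n) }
	fmt.Println("genuine unit enrolled:", Enroll(factoryPub, map[string]bool{}, cert, signer))
}
```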
More Embedded-Specific Security Issues
- Resources are scarce
  - Consider a Smart Card chip (TPM) for keys & crypto
- Embedded networks are generally insecure
  - Short network messages, no built-in security
  - Power, memory, CPU constrain security resources
- Power drain attacks
  - Attacks designed to deplete batteries
- Real time operation attacks
  - Only a slight overload might cause real time schedule problems
- Tamper resistance & evidence for critical properties
  - How can you prove someone didn't alter your safety critical system? (Even the owner?)
- Ensuring updates are authentic & are installed
  - How can you ensure only certified configurations will run?
  - How do you ensure installation of required updates with intermittent external connectivity?

Security Vulnerabilities Best Practices
- Be realistic with vulnerabilities
  - Users won't change default passwords
  - Weak passwords will be used
  - Counterfeit systems will be built
  - All network systems will be attacked
[Image: https://goo.gl/Lk2rbH]
- Pitfalls:
  - Assuming users will practice excellent security hygiene
  - Using a master password
  - Assuming attackers can't extract secrets from at least one device
    - Using a given symmetric key in more than one device instance

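An added example (not the lecture's code) for the last pitfall, and for the "don't use the same key in all systems" point on the weak passwords slide: instead of one symmetric key shared by every unit, each unit gets a key diversified from a master secret and its serial number with HMAC-SHA256, so a key pulled out of one unit authenticates only that unit. The master secret, serials and derivation label are constructed for this example, and the shared-key variant is included only as the anti-pattern for contrast.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

// DeriveDeviceKey diversifies one master secret into a per-unit key with
// HMAC-SHA256 (assumed construction). Only the derived key is written into
// the unit; the master stays at the factory/backend, so a key extracted
// from one unit is useless for impersonating any other unit.
func DeriveDeviceKey(master []byte, serial string) []byte {
	mac := hmac.New(sha256.New, master)
	mac.Write([]byte("device-auth-key|" + serial)) // label binds key purpose
	return mac.Sum(nil)
}

// Tag is what a unit sends alongside a message to prove the message is its own.
func Tag(key, msg []byte) []byte {
	mac := hmac.New(sha256.New, key)
	mac.Write(msg)
	return mac.Sum(nil)
}

// VerifyDiversified is the backend check: re-derive the claimed unit's key
// and compare tags in constant time. A tag made with unit A's key never
// verifies as unit B, even though both keys come from the same master.
func VerifyDiversified(master []byte, serial string, msg, tag []byte) bool {
	return hmac.Equal(Tag(DeriveDeviceKey(master, serial), msg), tag)
}

// VerifyShared is the anti-pattern for contrast: every unit holds the same
// key, so nothing in the check ties the tag to a particular unit, and one
// extracted key lets its holder speak for the whole fleet.
func VerifyShared(shared []byte, msg, tag []byte) bool {
	return hmac.Equal(Tag(shared, msg), tag)
}

func main() {
	master := []byte("constructed-master-secret-for-demo") // constructed value
	msg := []byte("state=unlocked")
	keyA := DeriveDeviceKey(master, "SN-0001")
	fmt.Println("SN-0001 accepted:", VerifyDiversified(master, "SN-0001", msg, Tag(keyA, msg)))
	fmt.Println("SN-0002 forged with SN-0001 key:", VerifyDiversified(master, "SN-0002", msg, Tag(keyA, msg)))
}
```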
[xkcd #1277: "This Ayn Random number generator you wrote claims to be fair, but the output is biased toward certain numbers." / "Well, maybe those numbers are just intrinsically better!" https://xkcd.com/1277/]

[xkcd #221, https://xkcd.com/221/:]

    int getRandomNumber()
    {
        return 4;   // chosen by fair dice roll.
                    // guaranteed to be random.
    }